This particular attack is aimed at Uyghur activists -- but that's no reason for other Mac users to be complacent. "With Macs growing in popularity and their increased adoption by high-profile targets, we expect the number of Mac OS X APT attacks will also grow," cautioned Costin Raiu, a Kaspersky Lab Expert.

For this newly discovered threat, attackers are sending targeted emails with a ZIP attachment containing a JPEG image and a new, mostly undetected version of the Mac Control backdoor Trojan. Upon execution, the Trojan installs itself on the target machine in typical APT fashion and connects to its command and control server for orders. With the backdoor installed, the attacker effectively has free rein over the infected machine and its contents.

The backdoor is "quite flexible," Raiu wrote. "Its command and control servers are stored in a configuration block which has been appended at the end of the file. The configuration block is obfuscated with a simple 'subtract 8' operation."

The Trojan intercepted by Kaspersky connects to a C&C server based in China.
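For analysts triaging a sample built this way, the following added example (not code from Kaspersky or from the original article) decodes the trailing bytes of a file and lists endpoint-like strings that can feed blocklists or detections. The 256-byte window, the decode direction (subtract 8 from each byte, modulo 256), the NUL-separated layout and the hostnames in the constructed sample are all assumptions; the article specifies none of them.

```python
import re
import sys

# Hostname or IPv4 address, optionally followed by :port.
ENDPOINT_RE = re.compile(
    rb"(?:\d{1,3}(?:\.\d{1,3}){3}|(?:[a-z0-9-]+\.)+[a-z]{2,})(?::\d{1,5})?",
    re.IGNORECASE,
)


def shift_bytes(data: bytes, delta: int) -> bytes:
    """Add delta to every byte, wrapping modulo 256."""
    return bytes((b + delta) % 256 for b in data)


def extract_endpoints(sample: bytes, tail_len: int = 256, delta: int = -8):
    """Decode the last tail_len bytes and return endpoint-like strings.

    Assumptions: decoding subtracts 8 from each byte, and the block fits in
    the trailing tail_len bytes. Adjust both for a real sample.
    """
    decoded = shift_bytes(sample[-tail_len:], delta)
    return [m.group().decode("ascii") for m in ENDPOINT_RE.finditer(decoded)]


def build_constructed_sample() -> bytes:
    """Constructed input: zero filler plus an encoded block of made-up hosts."""
    config = b"c2.example.test:443\x00192.0.2.10:8080\x00"
    return b"\x00" * 1024 + shift_bytes(config, +8)


if __name__ == "__main__":
    # Read a quarantined file if a path is given, else use the constructed one.
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            data = fh.read()
    else:
        data = build_constructed_sample()
    for endpoint in extract_endpoints(data):
        print(endpoint)
```

If nothing is recovered from a real file, try a larger `tail_len` or `delta=8`, since the article does not say in which direction the shift is applied.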

"With Macs growing in popularity and their increased adoption by high-profile targets, we expect the number of Mac OS X APT attacks will also grow," wrote Raiu. "Previous attacks used MS Office exploits; the one described here relies on social engineering to get the user to run the backdoor. Just like with PC malware, a combination of exploits and social engineering tricks are generally the most effective; it won't be surprising to see a spike in such attacks soon."